Read with Formatting | Join TechSpot! (it's free) | Bookmark / Share this


Persistent problems with CoolWebSearch and DyFuCA

bugman
03-16-2005, 12:14 PM
I've been battling against spyware etc for about a month now. In fact, I've followed realblackstuff's instructions at http://www.techspot.com/vb/topic17297.html 16 times now! Also, I'm only visiting trusted websites and using Firefox instead of IE, so I don't reckon I'm getting reinfected.

Earlier today, within minutes of opening Firefox, my PC was locked up, no response to Ctrl-Alt-Del, and so I had to stick a pencil in the reboot slot. I ran realblackstuff's instructions again and Ad-Aware came up with 10 critical objects, only 8 of which it could remove. This is becoming a familiar pattern. Although it offers to remove the remaining 2 critical objects after the next reboot, it never finds them again, and in time, all the problems return.

Here are the two that couldn't be removed today (this is taken from the Ad-Aware log):

Deep scanning and examining files (c:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Object "A0055962.CPY" found in this archive.

CoolWebSearch Object Recognized!
Type : File
Data : FS30.CAB
Category : Malware
Comment : Object "A0055962.CPY" found in this archive.
Object : c:\_RESTORE\ARCHIVE\


Object "A0056642.CPY" found in this archive.

DyFuCA Object Recognized!
Type : File
Data : FS44.CAB
Category : Malware
Comment : Object "A0056642.CPY" found in this archive.
Object : c:\_RESTORE\ARCHIVE\

There's been no suspicious changes to my HijackThis log since realblackstuff gave it a clean bill of health.

Well, any help would be very gratefully received.

Thanks.
RealBlackStuff
03-17-2005, 03:50 AM
You have overlooked the ONE critical point:
You need to switch System Restore OFF before you do your 'spring-cleaning'. That deletes your restore-points. These rotten files are stored inside one of your restore points, where no program has any access.
Only by deleting those points, i.e. switch System Restore OFF, can you get rid of them.
Then switch it back on again.
Ad
03-17-2005, 03:50 AM
bugman
03-17-2005, 06:04 AM
Aha - I think that's finally sorted it. Thanks very much indeed Sir Blackstuff.
I thought the instruction to disable system restore only applied to XP users - I'm using ME.
Cheers.
cwskiller
06-03-2005, 06:55 AM
Remove DyfuCa (http://www.spyware-removal-guideline.com/dyfuca-removal) manually
Remove CoolWebSearch (http://www.spyware-removal-guideline.com/coolwebsearch-removal) manually
davidsurv
06-07-2005, 11:36 PM
Although the name of this site would tend to ward off visits I have found it very useful in aiding in the manual removal of many pc annoyance's. http://pchell.com/
Vigilante
06-07-2005, 11:49 PM
ME introduced the system restore function, which is next to useless if you ask me :) I always turn it off.

 Top Technology News
Google makes Friend Connect beta available
Weekend Open Forum: PC Game of the Year 2008 goes to...
Microsoft announces numerous improvements to OOXML
Download of the week: Songbird
Square Enix makes bid For Eidos
AMD's 22W Athlon X2 due soon
Activision Blizzard confirms sequels for 2009
More Tech News

 Software Downloads
Anti Trojan Elite 4.2.5
McAfee SuperDAT Update 5454
SmartFTP Client 3.0.1025.5 Beta
SmartFTP Client 3.0.1024.32
1Click DVD Copy 5.5.6.0
Apex Video Converter Free 8.41
UltraISO Premium 9.3.2.2656
More Downloads

Copyright © 1998-2008 TechSpot.com. TechSpot is a registered trademark. All Rights Reserved.